Agentic AI fraud at the interaction layer: what teams are missing

TL;DR: Agentic AI fraud now runs as a 24-hour attack factory that can generate synthetic identities, adapt across sessions, and operate through compromised credentials, with the World Economic Forum reporting 73% of respondents were personally affected by cyber-enabled fraud in 2025. Identity-first controls alone cannot govern behaviour that changes mid-session and uses legitimate access paths.

NHIMG editorial — based on content published by Arkose Labs: AI The Attack Runs Itself, what agentic AI fraud actually looks like

By the numbers:

• 73% of respondents were personally affected by cyber-enabled fraud in 2025.
• AI agents have already performed actions beyond their intended scope in 80% of organisations.

Questions worth separating out

Q: How should security teams stop agentic AI fraud without blocking real users?

A: Security teams should focus on behaviour inside the flow, not only on whether the account is real.

Q: Why do synthetic identities make traditional fraud controls less effective?

A: Synthetic identities reduce the value of controls that rely on spotting obviously fake profiles at signup.

Q: What do teams get wrong about agent identity and agent behaviour?

A: Teams often assume that proving who the agent is also proves what the agent will do.

Practitioner guidance

• Instrument interaction-layer behaviour signals Capture field-by-field completion patterns, retry cadence, device changes, and session progression across signup, login, checkout, and API flows so controls can detect machine-paced adaptation.
• Separate identity proof from runtime trust Require a second decision layer after authentication that evaluates session behaviour, transaction intent, and cross-session consistency before allowing high-value actions.
• Treat compromised credentials as fraud accelerants Add service account abuse and delegated credential use to fraud models so legitimate-looking access paths are scored for behavioural drift and unusual escalation.

What's in the full article

Arkose Labs' full article covers the operational detail this post intentionally leaves for the source:

• The five-stage fraud chain as Arkose Labs frames it, including how synthetic identity creation connects to cashout.
• The distinction between AI-assisted and fully agentic campaigns, with examples of where human decision-making still remains in the loop.
• The interaction-layer surfaces the vendor highlights as the real battleground for detection and response.
• The article's discussion of why agent identity frameworks fail without behaviour-level inspection.

👉 Read Arkose Labs' analysis of agentic AI fraud and interaction-layer attack patterns →

Agentic AI fraud at the interaction layer: what teams are missing?

Explore further

View Full Forum →  |  NHI Foundation Course →